// Package suspiciousnames contains a blacklist of suspicious names for users and organizations.
package suspiciousnames

import (
	"fmt"
	"strings"

	"github.com/sourcegraph/sourcegraph/cmd/frontend/envvar"
)

// CheckNameAllowedForUserOrOrganization returns a non-nil error if the desired username or
// organization name is suspicious and the currently running site is Sourcegraph.com.
//
// It is intended to prevent users/organizations on Sourcegraph.com from changing their name to a
// name that is likely to be confused with an admin or official account (such as "admin", "root",
// etc.).
//
// 🚨 SECURITY: This is not foolproof; users may choose a name like `secur1ty` that might be
// confused with a name like "security", or they might find another synonym that we didn't think of.
func CheckNameAllowedForUserOrOrganization(desiredName string) error {
	if envvar.SourcegraphDotComMode() && isSuspicious(desiredName) {
		return fmt.Errorf("rejected suspicious name %q", desiredName)
	}
	return nil
}

func isSuspicious(desiredName string) bool {
	_, ok := suspiciousNames[strings.ToLower(desiredName)]
	return ok
}

var suspiciousNames = map[string]struct{}{
	"about":          struct{}{},
	"access":         struct{}{},
	"account":        struct{}{},
	"accounts":       struct{}{},
	"add":            struct{}{},
	"address":        struct{}{},
	"adm":            struct{}{},
	"admin":          struct{}{},
	"administration": struct{}{},
	"adult":          struct{}{},
	"advertising":    struct{}{},
	"affiliate":      struct{}{},
	"affiliates":     struct{}{},
	"ajax":           struct{}{},
	"analytics":      struct{}{},
	"android":        struct{}{},
	"anon":           struct{}{},
	"anonymous":      struct{}{},
	"api":            struct{}{},
	"app":            struct{}{},
	"apps":           struct{}{},
	"archive":        struct{}{},
	"atom":           struct{}{},
	"auth":           struct{}{},
	"authentication": struct{}{},
	"avatar":         struct{}{},
	"backup":         struct{}{},
	"banner":         struct{}{},
	"banners":        struct{}{},
	"billing":        struct{}{},
	"bin":            struct{}{},
	"blog":           struct{}{},
	"blogs":          struct{}{},
	"board":          struct{}{},
	"bot":            struct{}{},
	"bots":           struct{}{},
	"business":       struct{}{},
	"cache":          struct{}{},
	"calendar":       struct{}{},
	"campaign":       struct{}{},
	"careers":        struct{}{},
	"cgi":            struct{}{},
	"chat":           struct{}{},
	"client":         struct{}{},
	"code":           struct{}{},
	"commercial":     struct{}{},
	"compare":        struct{}{},
	"config":         struct{}{},
	"connect":        struct{}{},
	"contact":        struct{}{},
	"contest":        struct{}{},
	"cpanel":         struct{}{},
	"create":         struct{}{},
	"css":            struct{}{},
	"dashboard":      struct{}{},
	"data":           struct{}{},
	"db":             struct{}{},
	"delete":         struct{}{},
	"demo":           struct{}{},
	"design":         struct{}{},
	"designer":       struct{}{},
	"dev":            struct{}{},
	"devel":          struct{}{},
	"dir":            struct{}{},
	"directory":      struct{}{},
	"doc":            struct{}{},
	"docs":           struct{}{},
	"domain":         struct{}{},
	"download":       struct{}{},
	"downloads":      struct{}{},
	"ecommerce":      struct{}{},
	"edit":           struct{}{},
	"editor":         struct{}{},
	"email":          struct{}{},
	"example":        struct{}{},
	"explore":        struct{}{},
	"faq":            struct{}{},
	"favorite":       struct{}{},
	"feed":           struct{}{},
	"feedback":       struct{}{},
	"file":           struct{}{},
	"files":          struct{}{},
	"flog":           struct{}{},
	"follow":         struct{}{},
	"forum":          struct{}{},
	"forums":         struct{}{},
	"free":           struct{}{},
	"ftp":            struct{}{},
	"games":          struct{}{},
	"group":          struct{}{},
	"groups":         struct{}{},
	"guest":          struct{}{},
	"help":           struct{}{},
	"home":           struct{}{},
	"homepage":       struct{}{},
	"host":           struct{}{},
	"hosting":        struct{}{},
	"hostname":       struct{}{},
	"html":           struct{}{},
	"http":           struct{}{},
	"httpd":          struct{}{},
	"https":          struct{}{},
	"image":          struct{}{},
	"images":         struct{}{},
	"imap":           struct{}{},
	"img":            struct{}{},
	"index":          struct{}{},
	"info":           struct{}{},
	"information":    struct{}{},
	"intranet":       struct{}{},
	"invite":         struct{}{},
	"ipad":           struct{}{},
	"iphone":         struct{}{},
	"irc":            struct{}{},
	"issues":         struct{}{},
	"java":           struct{}{},
	"javascript":     struct{}{},
	"job":            struct{}{},
	"jobs":           struct{}{},
	"js":             struct{}{},
	"knowledgebase":  struct{}{},
	"list":           struct{}{},
	"lists":          struct{}{},
	"log":            struct{}{},
	"login":          struct{}{},
	"logout":         struct{}{},
	"logs":           struct{}{},
	"mail":           struct{}{},
	"mail1":          struct{}{},
	"mail2":          struct{}{},
	"mail3":          struct{}{},
	"mail4":          struct{}{},
	"mail5":          struct{}{},
	"mailer":         struct{}{},
	"mailing":        struct{}{},
	"manager":        struct{}{},
	"marketing":      struct{}{},
	"marketplace":    struct{}{},
	"master":         struct{}{},
	"me":             struct{}{},
	"media":          struct{}{},
	"message":        struct{}{},
	"messenger":      struct{}{},
	"mine":           struct{}{},
	"mobile":         struct{}{},
	"movie":          struct{}{},
	"movies":         struct{}{},
	"msg":            struct{}{},
	"msn":            struct{}{},
	"music":          struct{}{},
	"mx":             struct{}{},
	"my":             struct{}{},
	"mysql":          struct{}{},
	"name":           struct{}{},
	"named":          struct{}{},
	"net":            struct{}{},
	"network":        struct{}{},
	"new":            struct{}{},
	"news":           struct{}{},
	"newsletter":     struct{}{},
	"nick":           struct{}{},
	"nickname":       struct{}{},
	"notes":          struct{}{},
	"ns":             struct{}{},
	"ns1":            struct{}{},
	"ns2":            struct{}{},
	"ns3":            struct{}{},
	"ns4":            struct{}{},
	"old":            struct{}{},
	"online":         struct{}{},
	"operator":       struct{}{},
	"order":          struct{}{},
	"orders":         struct{}{},
	"page":           struct{}{},
	"pager":          struct{}{},
	"pages":          struct{}{},
	"panel":          struct{}{},
	"password":       struct{}{},
	"perl":           struct{}{},
	"photo":          struct{}{},
	"photos":         struct{}{},
	"php":            struct{}{},
	"pic":            struct{}{},
	"pics":           struct{}{},
	"plugin":         struct{}{},
	"plugins":        struct{}{},
	"pop":            struct{}{},
	"pop3":           struct{}{},
	"post":           struct{}{},
	"postfix":        struct{}{},
	"postmaster":     struct{}{},
	"posts":          struct{}{},
	"profile":        struct{}{},
	"project":        struct{}{},
	"projects":       struct{}{},
	"promo":          struct{}{},
	"pub":            struct{}{},
	"public":         struct{}{},
	"pulls":          struct{}{},
	"python":         struct{}{},
	"random":         struct{}{},
	"register":       struct{}{},
	"registration":   struct{}{},
	"root":           struct{}{},
	"rss":            struct{}{},
	"ruby":           struct{}{},
	"sale":           struct{}{},
	"sales":          struct{}{},
	"sample":         struct{}{},
	"samples":        struct{}{},
	"script":         struct{}{},
	"scripts":        struct{}{},
	"search":         struct{}{},
	"secure":         struct{}{},
	"security":       struct{}{},
	"send":           struct{}{},
	"service":        struct{}{},
	"setting":        struct{}{},
	"settings":       struct{}{},
	"setup":          struct{}{},
	"shop":           struct{}{},
	"signin":         struct{}{},
	"signup":         struct{}{},
	"site":           struct{}{},
	"sitemap":        struct{}{},
	"sites":          struct{}{},
	"smtp":           struct{}{},
	"sql":            struct{}{},
	"ssh":            struct{}{},
	"staff":          struct{}{},
	"stafftools":     struct{}{},
	"stage":          struct{}{},
	"staging":        struct{}{},
	"start":          struct{}{},
	"stat":           struct{}{},
	"static":         struct{}{},
	"stats":          struct{}{},
	"status":         struct{}{},
	"store":          struct{}{},
	"stores":         struct{}{},
	"subdomain":      struct{}{},
	"subscribe":      struct{}{},
	"suporte":        struct{}{},
	"support":        struct{}{},
	"system":         struct{}{},
	"talk":           struct{}{},
	"task":           struct{}{},
	"tasks":          struct{}{},
	"tech":           struct{}{},
	"telnet":         struct{}{},
	"test":           struct{}{},
	"test1":          struct{}{},
	"test2":          struct{}{},
	"test3":          struct{}{},
	"teste":          struct{}{},
	"tests":          struct{}{},
	"theme":          struct{}{},
	"themes":         struct{}{},
	"tmp":            struct{}{},
	"todo":           struct{}{},
	"tools":          struct{}{},
	"update":         struct{}{},
	"upload":         struct{}{},
	"url":            struct{}{},
	"usage":          struct{}{},
	"user":           struct{}{},
	"username":       struct{}{},
	"video":          struct{}{},
	"videos":         struct{}{},
	"visitor":        struct{}{},
	"web":            struct{}{},
	"webmail":        struct{}{},
	"webmaster":      struct{}{},
	"website":        struct{}{},
	"websites":       struct{}{},
	"ww":             struct{}{},
	"www":            struct{}{},
	"www1":           struct{}{},
	"www2":           struct{}{},
	"www3":           struct{}{},
	"www4":           struct{}{},
	"www5":           struct{}{},
	"www6":           struct{}{},
	"www7":           struct{}{},
	"wwws":           struct{}{},
	"wwww":           struct{}{},
	"xpg":            struct{}{},
	"xxx":            struct{}{},
	"you":            struct{}{},
	"yourdomain":     struct{}{},
	"yourname":       struct{}{},
	"yoursite":       struct{}{},
	"yourusername":   struct{}{},
}
